Mastodon

AIM

MSN

ICQ

Yahoo

XMPP / Jabber

Skype

Location

Interests

It's been complained about in the forum the instructions on setting up a DD-WRT router with airvpn located at https://airvpn.org/ddwrt/?hl=ddwrt is out of date. For the DD-WRT release I use, the guide is indeed a little outdated, but comprehensible. Still, without warranty and strictly on your own responsibility you could try my guide below. I am unable to provide any support, but this guide hopefully can help someone. For this guide I presume you know what a kill switch is, you know how to set up all other parts of your DD-WRT router such as setting up DHCP for example, and you know how to log into your dd-wrt web interface. In the client area of the airvpn web site, create config files, here. Select any server location and port, it doesn't need to be the one you will use, you only need the certificates & keys. Make sure to tick "Advanced Mode", and tick "Separate certs/keys from .ovpn file", then generate and download the configuration files. Log into your DD-WRT router and ... Step 1. Navigate to the "Services" tab then select the "VPN" tab. Step 2. Select "Enable" under OpenVPN Client. Step 3. Configure the first part of the screen as per screenshot below, noting comments below the screenshot. In the "Server IP/Name" field, indicated by a red arrow, you can either enter a specific server IP ( how to find a specific server IP )substitute the "XX" with the ISO code of the country you wish to connect to (for example DE for Germany, NL for the Netherlands, BE for Belgium, etc.)substitute the "XX" with the continent name (america, asia, earth, europe respectively)leave the field completely empty IF you wish to use random servers from a selection you specify. In this case, make sure to follow step 5.In the "IP Address" field, indicated by a green arrow, you should put the default IP of your router ("gateway"). How to find your router address is beyond this tutorial. Step 4. To configure the second part of the screen we'll need copy-paste from the config files you generated earlier. As per screenshot below, noting comments below the screenshot. Using your favorite text editor Open up "ta.key" and copy all of the contents into the "TLS Auth Key" field. (green arrow)Open up the file "ca.crt" and copy all of the contents into the "CA Cert" field. (blue arrow)Open up the file "user.crt" and copy only and including "----- BEGIN CERTIFICATE----- to the end of ----- END CERTIFICATE----- " into the "Public Client Cert" field. (brown arrow)Open up "user.key" and copy all of the contents into the "Private Client Key" field. (red arrow)Step 5. And the yellow arrow "Additional Config" field ? If in Step 3 you left the "Server IP/Name" field empty because you would like to connect to airvpn servers in a relatively random fashion based on a select preset of countries and/or continents and/or specific servers, this step 5 is for you. Copy-paste and amend: remote-random remote XX.vpn.airdns.org 443 (substitute XX with country or continent as explained earlier) remote XX.vpn.airdns.org 443 (substitute XX with country or continent as explained earlier) remote XX.vpn.airdns.org 443 (substitute XX with country or continent as explained earlier) ... remote XXX.XXX.XXX.XXX 443 (substitute with specific server IP) remote XXX.XXX.XXX.XXX 443 (substitute with specific server IP) remote XXX.XXX.XXX.XXX 443 (substitute with specific server IP) ... resolv-retry infinite As an example, it should look something like: remote-random remote AT.vpn.airdns.org 443 remote BE.vpn.airdns.org 443 remote BG.vpn.airdns.org 443 remote CA.vpn.airdns.org 443 remote asia.vpn.airdns.org 443 remote 185.156.174.114 443 remote 185.189.112.10 443 remote 91.214.169.68 443 resolv-retry infinite Step 6. Click "Save" at the bottom of the page then "Apply Settings". It should work, but a reboot never hurts. NOTE ON KILL SWITCH The Kill Switch in the original instructions may work for you. They did not work for me regardless of correct TUN. I used the below kill switch which I found to be working for me, so I share it here. Go to the "Administration" tab then select the "Commands" tab.Copy the following firewall rules into the command windowWAN_IF="$(ip route | awk '/^default/{print $NF}')" iptables -I FORWARD -i br0 -o $WAN_IF -m state --state NEW -j REJECT --reject-with icmp-host-prohibited iptables -I FORWARD -i br0 -p tcp -o $WAN_IF -m state --state NEW -j REJECT --reject-with tcp-reset Click on "Save Firewall" NOTE ON DNS It's been said in the forums (not finding reference to link, search refuses "DNS") it is better to use the airvpn server IP as DNS server. On a DD-WRT router, this is hard to achieve if you do not connect to a specific pre-defined server (most users). 10.4.0.1, one of airvpn DNS, is the next best IP to use as DNS server. However ... I found through trial and error - so this is only my pitiful experience - that if you do not put 10.4.0.1 as primary DNS, DD-WRT will keep using your primary DNS regardless whether connected to airvpn or not. 10.4.0.1 is not accessible outside the VPN, so you need a secondary VPN from another provider, such as opennic, find them here . You will find this leads to occasional DNS fallback, leaks if you will, to the secondary/other DNS when 10.4.0.1 is slow or disfunctional. But, such a DNS leak is still through the airvpn server IP, your location should still be hidden. So I would recommend in the DD-WRT control panel section "Setup" - "Basic Setup" - "Network Address Server Settings (DHCP)" to set the primary DNS as 10.4.0.1 and the secondary and further DNS as other free DNS servers, such as those from OpenNIC.

Hi I have installed dd-wrt on Netgear R6400, i followed the official guide for configuring AirVPN on it, and the problem is that im getting maximum speeds of 10-17mbps instead of around 70mbps. Are my settings fine ? what could i try ? Thanks

Hello, I was curious what would happen if I used AirVPN with ASUS Merlin router and have Eddie installed on a windows 10 workstation at the same time. Obv trying to avoid IP leaking. Would using AirVPN on an ASUS router with Merlin be just as reliable as the Eddie software? Eddie has been rocksolid and as far as I know has never had a leak, the network lock works great.. But I would really love to switch things up and get a new router with AirVPN installed on it. I have concerns that the killswitch or lock on the router is not as realiable as Eddies custom client. On the ASUS router, if I use the .ovpn file from AirVPN and also configure the killswitch policy rules to only let out VPN connections would that be just as reliable as the Eddie client? Is it possible to install the client on the PC along with AIR on the router? That way most of my devices will use the router vpn and a couple workstations can use the Eddie client and connect to the VPN router, kinda like a double killswitch. Im just looking for ideas or any feedback. Which would you guys trust more... the killswitch on router or network lock on eddie? Thank you!

I am a new user of Airvpn and impressed with how it works. However whereas I am able to connect to BBC iPlayer and the ITV hub in UK, Channel 4 does not work - complains I am not in the right area. I am connect to Netherlands.

Hi,, I have been using AirVPN for two days now and I'm not really pleased with the Speed so far. I'm using DD-WRT firmware in my home router and configured the OpenVPN client in the router, so all devices at my home network are using the VPN connection. My internet speed at home is: Downlink: 250 Mbit/s Uplink: 100 Mbit/s Ping to a server in Stockholm 1-2 ms. When using AirVPN connected to the Swedish servers, I'm having a slowly 10-15 Mbit/s connection. Changing from TCP settings to UDP settings doesn't really make a difference. Ping about 7 ms. Connecting to the German AirVPN servers, the speed goes up to 30-35 Mbit/s in both directions. Just a comparison with other VPN vendors which I have been testing an configured as OpenVPN client on my DD-WRT router. ExpressVPN (connected to Swedish servers) ca. 70 Mbit/s in both directions. NordVPN (connected to Swedish servers get up to 150 Mbit/s down and 100 Mbit/s uplink. Huge difference here compared to the VPN servers used by AirVPN. Checking the details a bit, I see that AirVPN is using servers located in the north of Stockholm (Uppsala / Åkersberga), connected to the ISP Kustbandet AB which is connected to IP-Only. NordVPN is using for example Obenetwork AB for their VPN servers. Or is there anything wrong the your instructions for the configuration of DD-WRT when using AirVPN? Any comments on this?

This is only a solution for people in their home country willing/wanting to bypass the VPN to access their Netflix account. Does not help for out-of-country Netflix access. I was surprised to not see this in the forum, as it's very simple and works. It is a very short script added to the Custom Configuration which pulls the current IP addresses for a domain name (Netflix.com, Hulu.com) and routes those addresses "around" the VPN.
allow-pull-fqdn
route www.netflix.com 255.255.255.255 net_gateway
So far I've been using this for a day, and had to restart things one time to get it to pick up new addresses. I would like to find a way to run this at regular intervals to add to the IP list (without duplicating addresses already in the list).

Hello forum! I've used OpenVPN on Asus RT-N18U running DD-WRT over a year now. I made files up.sh to start and dn.sh to stop OpenVPN to get rid of GUI and later on to run them via ssh from lan. OpenVPN version got updated to 2.4 and I made the necessary changes to conf file and scripts. It ran without issues couple of months. However, last Thursday my VPN connection went down while I was just browsing the interwebs. OpenVPN log was filled with messages: Recursive routing detected, drop tun packet to [AF_INET]62.102.148.132:443. There's no difference if I set up OpenVPN via GUI or use only my scripts. I've tried both UDP and TCP protocols but the issue persists. Outcome is always the same. Since then I've contacted AirVPN support as I cannot fix this by myself. I don't have the skills for that and I've tried my everything. As you may notice I feel desperate. EDIT: Here was a zip-file including kernel and ip routing tables, scripts, openvpn.conf file and OpenVPN log. I've censored my IP-address and tun1 IP from the files. All I found out is that the router for some reason removes line 62.102.148.132 via 84.xx.xx.xx dev vlan2 from routing table. You can see the difference between before-error_ip-route.txt. and after-error_ip-route.txt. DD-WRT seems to think that the fastest route outside is only via tun1 as VPN endpoint IP is in the same location as tun1 IP-address. Just a guess, might be totally wrong. Then it removes the previously mentioned routing rule and creates a loop. If I use allow-recursive-routing option in OpenVPN configuration, after a while log begins to spam "UDP messages too big" or something like that. I hadn't done any changes to DD-WRT settings, configuration files or script files. Recursive routing just popped up from no where. Router is being used as a gateway and WiFi AP only. All I've done is I moved to a new apartment which has different IP-address provided by the same ISP. That might not affect anything, just FYI. I really hope someone could help me with this. Thanks. Update: Turns out my ISP assings new IP-address every 20 minutes and almost every service on DD-WRT restarts which makes everything kind of frustrating to config...

Hey all, I just set up my TP-link Archer C7 with DD-WRT, and my download speeds went from (no VPN) 25 Mbs to just over 2Mbs. I know I take some performance hit when going through VPN, but this is too much, unfortunately. One thing I didnt understand in the setup process that might be affecting it is "server entry-IP address". Am I "locked into" whatver server I chose when I set up the router? It seems like I am, because the server I chose at the time of config was "best" according to the "Status" page, but no longer is, yet *my* status still says I am still connected to the one I chose the IP of. I can provide more info if needed, but am not at this point b\c I feel like I kinda alreday know the answer, and will be going back to Eddie and stock firmware on my router....hoping against hope that the router can be set up to be faster than using Eddie. Thanks in advance.

Hi, I'm determined to buy a router to run openvpn with airvpn account. Specifically I will have only one device, or at the maximum one other, which should pass in the tunnel.The speed must not deviate much from the real 30mb. I wondered what characteristics must have the cpu, basically I will use the vpn for media streams

My ISP requires using their residential gateway (rg - modem/router combo) which does not allow you to change the DNS settings. I have a Netgear R8000 X6 Nighthawk running DD-WRT cascaded from the RG. Can I run AirVPN in this configuration without issue? If I change the DNS on the X6 to AirVPN DNS settings will I lose internet connectivity as this router gets internet through the rg? If this works, will I leak DNS? Thanks in advance.

I'm running OpenVPN on DD-WRT. Everything seems to work fine, but in the OpenVPN logs I see I guess this means the configuration will stop working at some point? Is there some other configuration I should use instead?

Hi AirVPN users! OpenVPN 2.4.2 has been released for DD-WRT, see http://svn.dd-wrt.com/ticket/5830#no1 Changesets can be found here for any other updates http://svn.dd-wrt.com/search?q=openvpn&noquickjump=1&changeset=on You can find the latest builds from ftp://ftp.dd-wrt.com/betas/2019 but please choice builds higher then 06-01-2017-r32170 but before you upgrade! please type in your router model here to rule out any known bugs! http://svn.dd-wrt.com/ if okay then go a head and upgrade Keeo in mind any lower builds dont have the vulnerabilities patch https://ostif.org/the-openvpn-2-4-0-audit-by-ostif-and-quarkslab-results I can myself confirm build ftp://ftp.dd-wrt.com/betas/2017/07-19-2017-r32753/ Is working great for my TP-Link router

Hi there, I'm hoping someone may be able to assist me with a configuration for my router. My setup is that I'm running a DD-WRT based router with three wireless networks and four devices using a wired connection to the router. Half of my local network is allocated to my DHCP pool for most of these devices. I have my VPN up and running fine, however I would like to do something more advanced with my setup. I would like to split up my network somewhat so that two of the wireless networks as well as the wired computers that all get their IPs from the DHCP pool utilize the VPN for their internet traffic while the devices outside of the DHCP pool and on the third wireless network do not use the VPN. I have the Policy Based Routing setup with the subnet of the DHCP pool and I've been playing around with my IPTables configuration, but I'm hitting a wall trying to keep the traffic split. Any help for this would be greatly appreciated. Thanks in advance, Miko

Hello, I have one problem. I am using airvpn on dd-wrt router and that works like a charm. I also setup some policies as you suggested in previous posts, and some machines are on VPN and some are not. Now I have problem to setup access point. I do not want to use wireless repeater, because it is slow if many devices are connected... I want to wire access point (not wiereless) and use the same SSID as main router has... My configuration:
DSL model (10.10.2.1) <-LAN-------WAN-> DD-WRT router (10.10.3.1) <-LAN-------LAN-> access point [non-dd-wrt] (?.?.?.?)
DD-WRT 'sees' DSL modem (via routing), but DSL modem doesn't know for 10.10.3.1/24 network. What I did: 1. Disabled DHCP on access point 2. Connected router's LAN with access point's LAN (not WAN) 3. Set access point's IP address to 10.10.3.2... 4. Set router's channel to 6 5. Set access point's channel to 11 6. Set access point's SSID to the same SSID as router has and at the end I cannot establish IP anymore if I use access point's wireless network. I tried to leave on DHCP on access point..., but in that case I do not have access to the internet but I can connect to the access point's wireless... I suppose AirVPN's firewall commands are problem:
iptables -I FORWARD -i br0 -o tun1 -j ACCEPT
iptables -I FORWARD -i tun1 -o br0 -j ACCEPT
iptables -I INPUT -i tun1 -j REJECT
iptables -t nat -A POSTROUTING -o tun1 -j MASQUERADE
iptables -I FORWARD -s 10.10.2.0/24 -j ACCEPT
Can someone help me with this? Thanks in advance.

Hi guys, I would like to divide the cost of Airvpn with a person I know. He is not a close friend of mine and I cannot trust him 100%, so I don't know if he will send me money during the subscription period (we have agreed a very little monthly recurring cost). I was searching a way I could stop a configuration from working, once it is generated. I was using the dd-wrt airvpn guide, which connects without the need of username/password. Which is not a good thing for my scope. I tried changing my Airvpn password, but the configuration continues to work. Any suggestion ?

Hi, I have searched a lot to achieve this. I am looking for a comprehensive step by step (being a novice in this area) to setup a separate Virtual Access point in a DD-WRT router which uses OpenVPN and TOR (This feature is available in latest version of DD-WRT) at the same time. Also I want to ensure that any traffic goes through this VAP only if OpenVPN is up and running. I want to have OpenVPN on port 443 (TCP) due to aggressive DPI by local ISPs for VoIP. Looking to hear from experts I have gone through some guides (no.1 and no.2) but these aren't completely covered or not most relevant.

Hi all, I am trying to set up an airvpn using DD-WRT. I was able to connect to the server and successfully using OpenVPN function, however, I was not able to use port forwarding function. When I disabled airvpn on my DD-WRT and used app, I was able to check that the port was open. When I set up VPN on DD-WRT for some reason port forwarding does not work. In order to verify that vpn was indeed connected, I used overview on client area. I also check the port was open using forwarded ports. Does anyone have a suggestion how I might be able to open the port? P.S When I first installed DD-WRT, I was not able to open a port using forwarded port(both router and app). I quickly realized that I also had to port forward on the router too.

I've configured the OpenVPN client on my DD-WRT flashed TP-Link router and been running this for a couple of weeks. But I've ran into a couple of issues, firstly when attempting to view or listen to content on my Plex server externally is not possible due to the constant buffering. The other is Netflix has detected I'm using a VPN\proxy and will not let me watch any content. I was wondering if it possible using iptables to force both devices out over the Internet without going over the VPN?

I am new to the world of VPNs. I have a dd-wrt with a vpn setup for all connected devices. Obviously, this makes it so that Netflix is now preventing streaming. Is there a way to simply bypass the VPN for netflix and allow it to be directly connected to? I've heard that this can be done by listing ip addresses in the 'additional config' section of the openvpn section in the dd-wrt configuration but I'm not sure where to start. Has anyone else successfully done this? If so, what does your config script look like? Thanks!

Hi I am new with setting up openvpn on routers. Actualy it is my first time with VPNs. I followed the 'How-to' section for setting up the AirVpn on DD-WRT but it didn't work. What I mean is even though I filled in all the boxes like in the tutorial "https://airvpn.org/ddwrt/" nothing happened. I am still connected to the internet with the IP given by my ISP. Nothing seems to have changed. My ISP cable is connected directly to my personal router's WAN port. Connection type PPPoE. Router model: TP-Link WR1043ND v2 The maximum speed from my ISP is 300Mb/s. Attached are pictures with my settings. I searched on the forum for a similar problem but I couldn't spot it. If I missed it please let me know. If you need more details just tell me how to get it. Thanks